This guide will provide background information on modifying an existing controlled folder access folder path.
Role Requirements
Procedure Scope: Administrators
Required Group Membership: Admin.Security
Handbook Reference
Package: Device Security
Domain: Attack Surface Reduction Management
Modifies: Controlled Folder Application Exclusions
Modifying a Device Controlled Folder Access Rule
- Navigate to the Attack Surface Reduction – Intune portal, locate and select the policy you wish to alter.
- Upon selecting the rule, scroll down to the Properties section; all the information of the rule will be displayed. Four points of interest will be available to Edit. You can modify the sections as needed.
- Basics: Adjusts non-functional items of the rule, such as the Name or Description of the rule.
- Assignments: Specifies which Groups will be included or excluded from rule enforcement.
- Scope Tags: Specifies which administrators will have access to the viewing and altering this object.
- Configuration Settings: Displays the security settings for the Attack Surface Reduction Rules profile type that are currently enabled or disabled and being applied to the associated devices specified in the Assignments section. We will be worried about two specific settings Enabled Controlled Folder Access and Controlled Folder Access Protected Folders. Modifications can vary from disabling either settings or changing the folder path listed under Controlled Folder Access Protected Folders.
- Basics: Adjusts non-functional items of the rule, such as the Name or Description of the rule.
- Regardless of which section is selected to be Edited, the same redirect to the Edit Policy page will be displayed. The first page will display the selected sections current configuration and will allow you to make the necessary adjustments (additions, removals, editing, etc.) The second page will be the Review section where you will finalize the changes. Once the necessary adjustments have been configured for the selected section select Next to continue to the modification finalization stage.
- Once on the revisions page, if all the necessary adjustments look correct, select Save to finalize the modification process.
Need Assistance?
Reach out to your Customer Success Manager to discuss how a Sittadel cybersecurity analyst can assist in managing these tasks for you. New to our services? Inquire about arranging a consultation to explore optimizing your Azure environment for painless management.